August 7, 2017 by

New Cybersecurity Guidelines for Smart Cars issued by the UK government

New cybersecurity guidelines for smart cars were issued by the UK government. The British government has issued a new set of guidelines on Sunday for automakers to incorporate cybersecurity as a priority into their designs of internet-connected vehicles. All internet connected vehicles to drive on the streets need to be better protected against hackers. The Department of Transport and Centre for the Protection of National Infrastructure (CPNI) development eight principles for automakers to follow when making connected cars. UK Transport Minister Lord Callanan said that the number of autonomous and connected vehicles increase on the streets of Britain, guidlines should be put in place to protect consumers. Callanan stated:

“Our cars are becoming smarter and self-driving technology will revolutionise the way in which we travel. Risks of people hacking into the technology might be low, but we must make sure the public is protected.

Whether we’re turning vehicles into wifi connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks.”

The eight principles are:

  • Principle 1: Organizational security is owned, governed and promoted at board level
  • Principle 2: Security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain
  • Principle 3: Organizations need product aftercare and incident response to ensure systems are secure over their lifetime
  • Principle 4: All organizations, including sub-contractors, suppliers and potential 3rd parties, work together to enhance the security of the system
  • Principle 5: Systems are designed using a defense-in-depth approach
  • Principle 6: The security of all software is managed throughout its lifetime
  • Principle 7: The storage and transmission of data is secure and can be controlled
  • Principle 8 – The system is designed to be resilient to attacks and respond appropriately when its defenses or sensors fail

The guidelines will force engineers to design vehicles around cyber security threats. All well as, incorporate systems that have the ability to withstand receiving corrupt, invalid, or malicious data. It will also give its users the power to delete personal data from the car’s systems. McAfee chief scientist, Raj Samani said “Driverless vehicles must be secure by design, and the government’s new guidelines will undoubtedly play a key role in ensuring that UK car manufacturers make that happen.”

Mark Noctor, VP EMEA at Arxan Technologies has stated: “A major cyber-attack on connected vehicles would take a terrible toll on human life, so the security guidelines published by the UK Government on Sunday are an important step in securing this emerging technology.” With the issue of the new guidelines the UK government will continue to work alongside the auto industry to ensure vehicles are protected.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Microsoft’s Secret Bug Database was Hacked in 2013

Technology giant Microsoft never disclosed a major breach of its internal database tracking bugs, a...

Read more arrow_forward

Hotel Chain Hyatt Announces Second Breach in 2 Years

Hyatt has announced that its payment systems were breached, exposing credit card details from 41...

Read more arrow_forward

IRS Suspends Equifax Contract after Data Breach

The IRS has reportedly suspended the $7.2 million no-bid contract awarded to Equifax to verify the...

Read more arrow_forward